Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 big-ip edge gateway vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2020-5892
In versions 7.1.5-7.1.8, the BIG-IP Edge Client components in BIG-IP APM, Edge Gateway, and FirePass legacy allow malicious users to obtain the full session ID from process memory.
F5 Big-ip Access Policy Manager
F5 Big-ip Access Policy Manager Client
F5 Big-ip Edge Gateway
5
CVSSv2
CVE-2020-5882
On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5, and 11.6.1-11.6.5.1, under certain conditions, the Intel QuickAssist Technology (QAT) cryptography driver may produce a Traffic Management Microkernel (TMM) core file.
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
F5 Big-ip Edge Gateway
6.4
CVSSv2
CVE-2020-5887
On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE) may expose a mechanism for remote malicious users to access local daemons and bypass port lockdown settings.
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
F5 Big-ip Edge Gateway
F5 Big-ip Domain Name System
F5 Big-ip Global Traffic Manager
5
CVSSv2
CVE-2020-5883
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, when a virtual server is configured with HTTP explicit proxy and has an attached HTTP_PROXY_REQUEST iRule, POST requests sent to the virtual server cause an xdata memory leak.
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Webaccelerator
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Edge Gateway
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
4.6
CVSSv2
CVE-2020-5858
On BIG-IP 15.0.0-15.0.1.2, 14.1.0-14.1.2.2, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, users with non-administrator roles (for example, Guest or Resource Administrator) with tmsh shell access can execute arbitrary commands ...
F5 Big-iq Centralized Management
F5 Big-iq Centralized Management 7.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
5
CVSSv2
CVE-2020-5857
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, undisclosed HTTP behavior may lead to a denial of service.
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Webaccelerator
4.3
CVSSv2
CVE-2013-3587
The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle malicious users to obtain plaintext secret values by observing length differences ...
F5 Big-ip Access Policy Manager 13.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager 13.0.0
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics 13.0.0
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager 13.0.0
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager 13.0.0
F5 Big-ip Application Security Manager
F5 Big-ip Edge Gateway
F5 Big-ip Link Controller 13.0.0
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager 13.0.0
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager 13.0.0
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Protocol Security Module
F5 Big-ip Wan Optimization Manager
F5 Big-ip Webaccelerator
F5 Firepass 7.0.0
F5 Firepass
1 Github repository
4.3
CVSSv2
CVE-2020-5854
On BIG-IP 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.0-11.6.5.1, the tmm crashes under certain circumstances when using the connector profile if a specific sequence of connections are made.
F5 Enterprise Manager 3.1.1
F5 Traffix Signaling Delivery Controller
F5 Big-iq Centralized Management
F5 Iworkflow 2.3.0
F5 Big-iq Centralized Management 7.0.0
F5 Big-ip Access Policy Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Application Security Manager
F5 Big-ip Edge Gateway
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Webaccelerator
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Domain Name System
5
CVSSv2
CVE-2020-5852
Undisclosed traffic patterns received may cause a disruption of service to the Traffic Management Microkernel (TMM). This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts. This issue only impac...
F5 Big-ip Local Traffic Manager 11.5.4.2.74.291
F5 Big-ip Local Traffic Manager 12.1.4.1.0.97.6
F5 Big-ip Local Traffic Manager 14.1.2.1.0.83.4
F5 Big-ip Advanced Firewall Manager 11.5.4.2.74.291
F5 Big-ip Advanced Firewall Manager 12.1.4.1.0.97.6
F5 Big-ip Advanced Firewall Manager 14.1.2.1.0.83.4
F5 Big-ip Application Acceleration Manager 11.5.4.2.74.291
F5 Big-ip Application Acceleration Manager 12.1.4.1.0.97.6
F5 Big-ip Application Acceleration Manager 14.1.2.1.0.83.4
F5 Big-ip Analytics 11.5.4.2.74.291
F5 Big-ip Analytics 12.1.4.1.0.97.6
F5 Big-ip Analytics 14.1.2.1.0.83.4
F5 Big-ip Access Policy Manager 11.5.4.2.74.291
F5 Big-ip Access Policy Manager 12.1.4.1.0.97.6
F5 Big-ip Access Policy Manager 14.1.2.1.0.83.4
F5 Big-ip Application Security Manager 11.5.4.2.74.291
F5 Big-ip Application Security Manager 12.1.4.1.0.97.6
F5 Big-ip Application Security Manager 14.1.2.1.0.83.4
F5 Big-ip Edge Gateway 11.5.4.2.74.291
F5 Big-ip Edge Gateway 12.1.4.1.0.97.6
F5 Big-ip Edge Gateway 14.1.2.1.0.83.4
F5 Big-ip Fraud Protection Service 11.5.4.2.74.291
5
CVSSv2
CVE-2014-5209
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.
Ntp Ntp 4.2.7
F5 Big-ip Local Traffic Manager 11.2.1
F5 Big-ip Wan Optimization Manager 11.2.1
F5 Big-ip Edge Gateway 11.2.1
F5 Big-ip Analytics 11.2.1
F5 Big-ip Access Policy Manager 11.2.1
F5 Big-ip Global Traffic Manager 11.2.1
F5 Big-iq Centralized Management 4.6.0
F5 Big-ip Webaccelerator 11.2.1
F5 Big-ip Link Controller 11.2.1
F5 Enterprise Manager 3.1.1
F5 Big-iq Adc 4.5.0
F5 Big-iq Cloud And Orchestration 1.0.0
F5 Big-ip Application Security Manager 11.2.1
F5 Big-iq Centralized Management
F5 Big-ip Local Traffic Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Analytics
F5 Big-ip Access Policy Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »